arkadiyt / bounty-targets Goto Github PK

This project crawls bug bounty platform scopes (like Hackerone/Bugcrowd/Intigriti/etc) hourly and dumps them into the bounty-targets-data repo

Home Page: https://github.com/arkadiyt/bounty-targets-data

License: MIT License

Ruby 99.01% Dockerfile 0.51% Makefile 0.48%

hackerone bugcrowd bug bounty vrp federacy hackenproof intigriti yeswehack

bounty-targets's Introduction

bounty-targets

What's it for

This project crawls all the Hackerone, Bugcrowd, & other bug bounty platform scopes hourly and dumps them into the bounty-targets-data repository:

https://github.com/arkadiyt/bounty-targets-data

Supported platforms:

Hackerone
Bugcrowd
Intigriti
Hackenproof
YesWeHack
Federacy

Installation

If you want to run bounty-targets yourself you can follow these steps:

Clone the project and install the dependencies with bundle
Set the following environment variables:
- SENTRY_DSN: (Optional) Sentry API key for exception tracking.
- SSH_PRIV_KEY: An SSH private key that is authorized to write to the github project you want to push data to.
- SSH_PUB_KEY: The public key corresponding to SSH_PRIV_KEY.
- GIT_HOST: The github project to write to. For this project it's [email protected]:arkadiyt/bounty-targets-data.git.
Execute bin/bounty-targets

Getting in touch

Feel free to contact me on Signal: @arkadiyt.01

bounty-targets's People

Contributors

Stargazers

Watchers

Forkers

gazcbm 0x13337 forrest321 d1pakda5 elamaran619 indoxploit-coders veter069 khairulreen random-robbie moodiabdoul clicknull cyberbuck securux w1ck3dth1ngs bh4nut3j4 hayageek rkreddypandu diogomrsilva securepo vinuribandara jsulinski jwilmott websecresearch ethicalhackingplayground uid-root hanxiansheng26 master-fufu aaap-repos bravery9 infanteria2013 3453-315h ppepos 5l1v3r1 piratebooteh noraj dskho aniketpr ce8so9 jeffreyshran sageof6iixpaths afwu iangcarroll sicks3c hunt2behunter websitemobil bugpie54 j5s haxormad r3pairmen aliluyala t3chyw0lf madusec sobinge 0x71rex lamscun ahmedbi sirduraeerecto excloudx6 junanc qianniaoge kuron3k0 wawava devops1981 dark-ninja10 cyberindia1 tommalvoriddle khoiasd mwc8517 mamaiamhacking aerosayan rayiik mswell jodorot bug-hunter-project willkill420 sathishvjd cdaprod rupaidas bpavesi khoirulaksara emadyay mr-vill4in dr4k0v3r freelabz patuuh llsec268 iq-scm behzadsp maverick0o0 ethicalsecurity-agency 0xsojalsec ana7r who-ami h3ll0w0lrd mjasec maen08 06opotehb dante-tech hellst4r

bounty-targets's Issues

24 bugcrowd public programs not catched

Hello, all 24 below public programs aren't fetched. I think it's something to have with the new url format engagements/xxxxxx maybe ?!

bounty targets data has not been updated in a week

Intigriti and YesWeHack out_of_scopes not scraped

Hi
It appears that both Intigriti, and YesWeHack out_of_scope is not being scraped,
They are blank for all programs.
I wish I had enough knowledge in GO to resolve it, but I cannot :(
Thanks

Bugcrowd data missing

Hi there, it seems like the data available for Bugcrowd in bugcrowd_data.json is missing quite a few programs, for example Tesla. I am not sure what is causing this but it does seem to result in a lot of missing entries. Sorry that I have not debugged it any further!

bounty-targets-data not updated since 8 days

Hi ! on bounty-targets-data we can see last update is 8 days ago. The bot might be broken

Feature Request: Excluded URL's

Is it possible for this to be extended to include the excluded urls too?

Uber Scopes Missing

Hello,
Pure coincidence that I checked for the Uber scope in the output and noticed that it isn't there.
Not sure why at all, it should include *.uber.com although it's possibly difficult to automate that due to how it appears?

What do parentheses mean (in wildcards.txt)?

There are some domains in wildcards.txt that contain parentheses around wildcards (e.g (*).endlcdn.site, (*).theendlessweb.com). What do these mean?

Do they mean to include only subdomains below those listed domains and not the parent domain (i.e. abc.endlcdn.site, but not endlcdn.site)?

Thank you.

[Request] bugbounter.com Add

https://www.linkedin.com/company/bugbounter/

Program list:

https://app.bugbounter.com/programs

need to grab domains from private programs account specific

how to grab domains using authenticated account of h1, bc etc. ?

Can you also add the OpenBugBounty bugbounty programs?

https://www.openbugbounty.org/bugbounty-list/

Hackerone misinformation

Hi! There is an error in script that parsing companies from h1, that leads to some misinformation. In particular, the raw data collected by your script indicates that paypal does not pay bounty, however, just click on the link of their program to make sure that this is not truth. The same about Airbnb

bounty-targets-data not updated since 2 weeks

It seems that the bounty-targets-data is not updated in 2 weeks. Issues with platform api's?

bounty-targets-data not updated since 7 days

Hi ! on bounty-targets-data we can see last update is 8 days ago. The bot might be broken

Tim

OOS domains improperly scraped

Hi,

With the recent updates, the parser is now invalidly parsing the OOS domains.

[Intigriti]

There is not a single OOS domain for Intigriti: https://github.com/arkadiyt/bounty-targets-data/blob/main/data/intigriti_data.json

If you check any program, no valid OOS domain is scraped for it.

[Bugcrowd]

The OOS domains are improperly scraped with empty JSON objects. e.g.

https://bugcrowd.com/tripadvisor-bb-og

and

https://github.com/arkadiyt/bounty-targets-data/blob/main/data/bugcrowd_data.json

In addition, I believe this is one of the main commits that removed lots of OOS domains:

arkadiyt/bounty-targets-data@b559c43

Best regards,
HolyBugx

hackenproof data : missing some inscope values

Hello !

It seems hackenproof data are not working properly anymore.

Example :
On https://github.com/arkadiyt/bounty-targets-data/blob/master/data/hackenproof_data.json
"/codex/codex-exchange" is empty but https://hackenproof.com/codex/codex-exchange shows in scope domains.

hackerone "taking a break" programs not fetched

hello hackerone "taking a break" programs are not fetched like https://hackerone.com/caesars-digital?type=team

now not in https://raw.githubusercontent.com/arkadiyt/bounty-targets-data/master/data/hackerone_data.json

they are temporary paused often to high reports so they need time to handle while not receiving any new ones or sometimes on holidays programs take a break.

bugcrowd bigcommerce star subs not fetched

https://bugcrowd.com/bigcommerce -> *.bigcommerce.com and *.bigcommerce.net

In https://raw.githubusercontent.com/arkadiyt/bounty-targets-data/master/data/bugcrowd_data.json ->

{
"type": "website",
"target": ""
},
{
"type": "website",
"target": ""
},

没有爬取到目标站点，请问是否可以添加修复一下

没有爬取到目标站点，只爬取到了title

bounty-targets-data is not updated since 2 weeks

The bounty-targets-data is not updated since 2 weeks. Issues with platform api's?

Support for Bugcrowd programs with multiple groups

Hi there, I think the new Bugcrowd parsing in 0c33ecc inadvertently prevented picking up programs which contain multiple in-scope groups, as it just pulls out the first parsed group for in-scope and out-of-scope and uses that. This results in programs like Arlo (https://bugcrowd.com/arlo) not having any domains, because they are all in the second in-scope group.

I think the fix is something like the following, to extract all groups and flatten them (non-recursively), but my Ruby is a little rusty and I had trouble getting this to work for every program. Hopefully someone knows the best syntax for this.

targets: {
  in_scope: scopes_to_hashes(content['groups'].find_all { |group| group['in_scope'] == true }.reduce([], :concat)),
  out_of_scope: scopes_to_hashes(content['groups'].find_all { |group| group['in_scope'] == false }.reduce([], :concat))
}

federacy add offers_awards

Hi, pls for federacy add offers_awards or not as a field in federacy scope file.

offers_awards yes/no is here https://www.federacy.com/api/public_programs/

add other platforms like initigriti, yeswehack.

I dont really know about what can you do on yeswehack but intigriti has an underlying api which can help you scrape the scope of a program: for example:

https://api.intigriti.com/core/program/randstad/randstad

I think it follows this scheme: https://api.intigriti.com/core/program/company_handle/program_name

Crawl community curated pages by using the "external" keyword

This would really be useful to collect all the wildcard domains in one place for recon purposes. If you don't want to clutter the data you can create 2 new files for wildcard and regular external program scopes. I think it is a missed opportunity to not crawl the community curated pages.

If I knew ruby I would create a pull request sorry :/

bounty-targets/lib/bounty-targets/hackerone.rb

Line 38 in ae4a956

 uri.query = ::URI.encode_www_form(query: 'type:hackerone', sort: 'published_at:ascending', page: page) 

add option for individual scope

Hi,

Can you add an option to only download H1 or BC or .... scope, those when any platform API will fail we can work with other platforms.

when h1 api changed, we cannot use the tool anymore to fetch other platforms scope..

bounty-targets-data not updated since 12 days

Hi ! on bounty-targets-data we can see last update is 12 days ago. The bot might be broken